diff --git a/backend/api/whatsapp-webhook.php b/backend/api/whatsapp-webhook.php
index a97ab9f..2d0a547 100644
--- a/backend/api/whatsapp-webhook.php
+++ b/backend/api/whatsapp-webhook.php
@@ -12,7 +12,7 @@ $redis = RedisClient::getInstance();
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     // Authenticate gateway request using webhook secret
     $secret = $_SERVER['HTTP_X_WEBHOOK_SECRET'] ?? '';
-    $expectedSecret = getenv('WHATSAPP_WEBHOOK_SECRET') ?: 'flash_call_otp_webhook_secret_key';
+    $expectedSecret = $_ENV['WHATSAPP_WEBHOOK_SECRET'] ?? $_SERVER['WHATSAPP_WEBHOOK_SECRET'] ?? getenv('WHATSAPP_WEBHOOK_SECRET') ?: 'flash_call_otp_webhook_secret_key';
     
     if ($secret !== $expectedSecret) {
         http_response_code(403);
diff --git a/backend/config.php b/backend/config.php
index 125d83c..ddc3367 100644
--- a/backend/config.php
+++ b/backend/config.php
@@ -20,20 +20,20 @@ if (file_exists(__DIR__ . '/vendor/autoload.php')) {
 }
 
 // Database
-define('DB_HOST', getenv('DB_HOST'));
-define('DB_NAME', getenv('DB_NAME'));
-define('DB_USER', getenv('DB_USER'));
-define('DB_PASS', getenv('DB_PASS'));
+define('DB_HOST', $_ENV['DB_HOST'] ?? $_SERVER['DB_HOST'] ?? getenv('DB_HOST'));
+define('DB_NAME', $_ENV['DB_NAME'] ?? $_SERVER['DB_NAME'] ?? getenv('DB_NAME'));
+define('DB_USER', $_ENV['DB_USER'] ?? $_SERVER['DB_USER'] ?? getenv('DB_USER'));
+define('DB_PASS', $_ENV['DB_PASS'] ?? $_SERVER['DB_PASS'] ?? getenv('DB_PASS'));
 
 // Redis
-define('REDIS_HOST', getenv('REDIS_HOST'));
-define('REDIS_PORT', getenv('REDIS_PORT'));
-define('REDIS_PASSWORD', getenv('REDIS_PASSWORD') ?: null);
-define('REDIS_DB', getenv('REDIS_DB'));
+define('REDIS_HOST', $_ENV['REDIS_HOST'] ?? $_SERVER['REDIS_HOST'] ?? getenv('REDIS_HOST'));
+define('REDIS_PORT', $_ENV['REDIS_PORT'] ?? $_SERVER['REDIS_PORT'] ?? getenv('REDIS_PORT'));
+define('REDIS_PASSWORD', $_ENV['REDIS_PASSWORD'] ?? $_SERVER['REDIS_PASSWORD'] ?? getenv('REDIS_PASSWORD') ?: null);
+define('REDIS_DB', $_ENV['REDIS_DB'] ?? $_SERVER['REDIS_DB'] ?? getenv('REDIS_DB'));
 
 // Application Keys
-define('APP_KEY', getenv('APP_KEY'));
-define('DEVICE_KEY', getenv('DEVICE_KEY'));
+define('APP_KEY', $_ENV['APP_KEY'] ?? $_SERVER['APP_KEY'] ?? getenv('APP_KEY'));
+define('DEVICE_KEY', $_ENV['DEVICE_KEY'] ?? $_SERVER['DEVICE_KEY'] ?? getenv('DEVICE_KEY'));
 
 // SMS Sender ID (for iOS SMS delivery)
 define('SMS_SENDER_ID', 'انطلق');
@@ -55,9 +55,9 @@ define('LOG_REQUESTS', true);
 define('LOG_FILE', __DIR__ . '/logs/api.log');
 
 // WhatsApp Gateway Configuration
-define('WHATSAPP_GATEWAY_URL', getenv('WHATSAPP_GATEWAY_URL'));
-define('WHATSAPP_WEBHOOK_SECRET', getenv('WHATSAPP_WEBHOOK_SECRET'));
-define('WHATSAPP_SESSION_KEY', getenv('WHATSAPP_SESSION_KEY'));
+define('WHATSAPP_GATEWAY_URL', $_ENV['WHATSAPP_GATEWAY_URL'] ?? $_SERVER['WHATSAPP_GATEWAY_URL'] ?? getenv('WHATSAPP_GATEWAY_URL'));
+define('WHATSAPP_WEBHOOK_SECRET', $_ENV['WHATSAPP_WEBHOOK_SECRET'] ?? $_SERVER['WHATSAPP_WEBHOOK_SECRET'] ?? getenv('WHATSAPP_WEBHOOK_SECRET'));
+define('WHATSAPP_SESSION_KEY', $_ENV['WHATSAPP_SESSION_KEY'] ?? $_SERVER['WHATSAPP_SESSION_KEY'] ?? getenv('WHATSAPP_SESSION_KEY'));
 
 // Timezone
 date_default_timezone_set('Asia/Amman');